Routing – n SNMP MIB for Cisco Track Objects

failovermanagementroutingsnmp

My goal is to write a service check that pulls the status of a Cisco track list that is performing a Boolean OR. I have a screen scraper in place currently, but that is really not ideal in terms of scaling this type of service check.

The track object below simply pulls out the tracked static route if object 10 and object 20 are both unreachable, allowing a BGP learned default route to be installed, that is otherwise in RIB-failure status.

Configuration Example:

!
track 10 ip sla 1 reachability
!
track 20 ip sla 2 reachability
!
track 30 list boolean or
 object 10
 object 20
!
ip sla 1
 icmp-echo 8.8.8.8 source-ip 10.10.10.10
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 4.2.2.2 source-ip 10.10.10.10
ip sla schedule 2 life forever start-time now

ip route 0.0.0.0 0.0.0.0 10.10.10.1 track 30

It would be ideal to pull either the number of changes or the Boolean OR status (up or down) from an OID.

HOSTNAME#show track 30
Track 30
  List boolean or
  Boolean OR is Up
    14716 changes, last change 02:18:47
    object 10 Up
    object 20 Up
  Tracked by:
    STATIC-IP-ROUTINGTrack-list 0

I've been digging through the Google machine, forums and the Cisco SNMP Object Navigator to no avail.

Best Answer

I don't believe there is a way to directly poll the results of the OR via SNMP, but you can certainly poll for the IP SLA results and calculate it yourself.

Using the CISCO-RTTMON-MIB (1.3.6.1.4.1.9.9.42), you can check the timeout value of your reachability checks, take the true/false value it returns and do the OR in whatever scripting language you're using to poll via SNMP.

For example, I setup a similar test to yours above:

track 10 ip sla 1 reachability
!
track 20 ip sla 2 reachability
!
track 30 list boolean or
 object 10
 object 20
!
ip sla 1
 icmp-echo 8.8.8.8 source-ip 10.129.10.62
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 4.2.2.2 source-ip 10.129.10.62
ip sla schedule 2 life forever start-time now
!
ip route 10.171.20.0 255.255.255.252 10.129.10.61 track 30

Then, I verified the output in IOS:

R-VOIPLAB#show track 30
Track 30
  List boolean or
  Boolean OR is Up
    2 changes, last change 00:01:21
    object 10 Up
    object 20 Up

Next, with the IP SLA tracking in place, I installed the CISCO-RTTMON-MIB on my monitoring server, and walked the value of rttMonCtrlOperTimeoutOccurred (1.3.6.1.4.1.9.9.42.1.2.9.1.6) for it's True/False output.

The key item to note is that since we are polling whether a timeout occurred or not, that False means that the destination is reachable, and True means that it is not reachable and a timeout has occurred.

snmpwalk -v3 -a SHA -A SNMP-AUTH-PASS -l authNoPriv -u SNMPUSER r-voiplab rttMonCtrlOperTimeoutOccurred
CISCO-RTTMON-MIB::rttMonCtrlOperTimeoutOccurred.1 = INTEGER: false(2)
CISCO-RTTMON-MIB::rttMonCtrlOperTimeoutOccurred.2 = INTEGER: false(2)

Finally, I blackholed traffic to 8.8.8.8 from that box, and checked the Track results in IOS again:

R-VOIPLAB(config)#ip route 8.8.8.8 255.255.255.255 null 0
R-VOIPLAB(config)#end
R-VOIPLAB#show track 30
Track 30
  List boolean or
  Boolean OR is Up
    2 changes, last change 00:21:18
    object 10 Down
    object 20 Up
  Tracked by:
    STATIC-IP-ROUTING 0

Now that we have one of the test objects in a Down state, let us see the results of polling rttMonCtrlOperTimeoutOccurred again:

snmpwalk -v3 -a SHA -A SNMP-AUTH-PASS -l authNoPriv -u SNMPUSER r-voiplab rttMonCtrlOperTimeoutOccurred
CISCO-RTTMON-MIB::rttMonCtrlOperTimeoutOccurred.1 = INTEGER: true(1)
CISCO-RTTMON-MIB::rttMonCtrlOperTimeoutOccurred.2 = INTEGER: false(2)

Now, as I stated above, you would just have to poll those values and use them however you need to in your script.

Related Solutions

Cisco SNMP – Exporting IF-MIB Stats Interval in Cisco IOS

Is this native to the 1900 series to only update the SNMP agent (forgive me if this is the wrong terminology) like it is doing at the moment.

What you're seeing is expected behavior. IOS has cached IF-MIB statistics for on 10-second intervals (by default) for a while, for instance see this entry in the SNMP FAQ.

That said, I have a few switches which seem to defy this "typical" 10-second SNMP stats export interval.

Is there a setting or configuration that I can set?

Use service counters max age [age-in-seconds]; this command will show up in the running configuration; however, it's not available in older versions of IOS.

You can also change the IF-MIB 64-bit counters to update interval with this hidden command: snmp-server hc poll [interval], where the interval is measured in hundredths of seconds; however, this command will not show up in the running configuration.

Will it be better to use traps instead of query?

It won't matter whether you push or pull, unless your platform exports the stats quickly enough.

SNMP MIB – TrippLite PDUVM5NET Current Monitoring

Assuming this is the MIB that you're referring to, I see the following table:

tlUpsOutputCircuitTable

With each row in the table being:

tlUpsOutputCircuitIndex     PositiveInteger,
tlUpsOutputCircuitStatus    INTEGER,
tlUpsOutputCircuitLoadCurrent   NonNegativeInteger

Presumably tlUpsOutputCircuitLoadCurrent would be what you want, and represents the amps in tenths?

EDIT: Try telling Net-SNMP where to load the MIBs from when you run snmpwalk. Assuming you've saved those MIB files to /home/ethan/.snmp/mibs you would do the following:

snmpwalk -M +/home/ethan/.snmp/mibs -m +TRIPPLITE-MIB -v2c -c 'tripplite' 192.168.15.25 tlUpsOutputCircuitTable

If that still returns an error, the next step would be to just run a bulkwalk on the unit to see what OIDs are available, as the SNMP agent on the device may not export everything that's available in TRIPPLITE-MIB.

snmpbulkwalk -M +/home/ethan/.snmp/mibs -m +TRIPPLITE-MIB -v2c -c 'tripplite' 192.168.15.25

Best Answer

Related Solutions

Cisco SNMP – Exporting IF-MIB Stats Interval in Cisco IOS

SNMP MIB – TrippLite PDUVM5NET Current Monitoring

Related Topic